Buying/selling exploits?
Results 1 to 7 of 7

Thread: Buying/selling exploits?

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Buying/selling exploits?

    Just got the following note on Full Disclosure:

    Hello list,

    We would like to announce a new service to the security community at securityfocus ,its about buying new,private exploits.
    So if you are looking to profit from your findings - the place is irc.exploits.cx the main chan is #exploits , details can be found on the /motd or you could just ask in the main channel.

    Our IRC network also supports ssl - irc.exploits.cx port: 9999


    We're looking forward to see you online!


    best regards,
    exploits.cx staff
    Now, first off. I'm not a coder. I'm lucky if I can get a "Hello World" program to work. That said, I can -- sorta -- figure out most exploits/POC and the gist of what is being attempted.

    But for the life of me, reading this email, I cannot see anyone taking this seriously. Now the email seems to suggest that they are representing SecurityFocus (?? -- Maybe a misread on my part) but if I'm a company who does pentesting or a company wanting to ensure my security or even if I'm a blackhat, I'm gonna know myself or have someone specialized in those fields rather than take a huge risk and buy exploits from a complete unknown.

    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Yer damn fast MsM... I just finished reading the email about it and you had it posted..

    I actually think it's a rather lucrative idea.... exploits, if you use a major website as your source, are always a little behind what's actually out. If the people that discover these exploits and want to make a little coin to release them early.... I really think there are a few companies out there that would take advantage of it... One of these releases may save your company millions of dollars in downtime and/or damages.... It's like investing in the stock market, but I think it's a risk that many people would be willing to take... (if it proves to be as good as it claims to be)

    I'm actually connected to their IRC server right now

    MotD
    We are currently looking for the following :
    -
    - ### Windows XP - SP2 - local priv. or remote
    - ### Linux 2.4.x/2.6.x kernel - local private or 0 dayz
    - ### exim,postfix,sendmail,qmail - remote
    - ### samba - remote
    - ### IE, Firefox, Safari vulnerabilities
    - ### FreeBSD 5.x - local private or 0 dayz
    - ### FreeBSD 4.x - local private or 0 dayz
    - -----------------------------------------
    - Payments are received via / made by :
    - Paypal , WesternUnion , MoneyGram or E-gold
    - -----------------------------------------
    - Please dont try to abuse or fraud us , cause thats not our purpose !
    - All exploits will be reviewed before sending payments !
    - Reviewed vendors will get special privileges and receive bigger payments !
    - English language during sells is accepted only !
    - The server has an ssl connection on port 9999 , normal port 6667 !
    - -----------------------------------------
    - Have a nice sell !
    - -----------------------------------------
    - The main channel for selling / buying is #exploits
    Hrm... just went back to that window to join the channel and see if there wasn anything to add to this.. and I've pinged out.. I also cannot connect anymore

    I'm trying with a shell now and it seems to be slowly connecting.. I'm thinking their servers are being hammered after that email...

    I'll post anything else I found when I do find it.

    Peace,
    HT

    [Edit]
    Looks like it is still down.. none of my hosts can connect...
    [/Edit]
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  3. #3
    Senior Member
    Join Date
    Mar 2003
    Posts
    245
    What about computer/corporate espionage? Some unscrupulous companies out there will pay well for someone to
    spy on their competitors... Dropping 5K on some unreleased exploits could just be a business expense for professional code thiefs.

    Just a thought...

    -- spurious
    Get OpenSolaris http://www.opensolaris.org/

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Anyone checked out their Web Site , seems kind of Micky Mouse to be affiliated with SecurityFocus.

    Cheers:
    DjM

  5. #5
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I'm not sure that they're claiming to be affiliated with Security Focus, but more that they're assuming FD to be filled with Security Focus members... and they're just using that to tie everything together.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by HTRegz
    Hey Hey,

    I'm not sure that they're claiming to be affiliated with Security Focus, but more that they're assuming FD to be filled with Security Focus members... and they're just using that to tie everything together.

    Peace,
    HT
    Thanks HT, as soon as they drop the name SecurityFocus, it would tend to make people believe that they (SecurityFocus) supports their efforts. Thats kind of what I read into it, but then again I didn't get much sleep last night.

    Cheers:
    DjM

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Wow.. $29USD for:

    This is the big security database archived including an installer.
    Features:
    # More then 222 services exploits + protections for them
    # GTK / QT based installer for the database
    # Online updater -> CVS / Subversion / Rsync
    # Options for multiple testing on services
    # Web based interface
    # Console based interface
    I dunno. They accept major credit cards or "PaySat" (never heard of that).

    Although I do like their penguins: http://exploits.ath.cx/
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •